package com.sso.cas;

import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.security.auth.login.FailedLoginException;
import java.security.GeneralSecurityException;

@Component(value="userAuthenticationHandler")
public class UserAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
    @Resource
    private UserDaoJdbc userDaoJdbc;  
      
    /** 
     * 认证用户名和密码是否正确 
     * UsernamePasswordCredential参数包含了前台页面输入的用户信息
     */  
    @Override  
    protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential transformedCredential) throws GeneralSecurityException, PreventedException {
        String username = transformedCredential.getUsername();  
        String password = transformedCredential.getPassword();  
        if(userDaoJdbc.verifyAccount(username, password)){  
            return createHandlerResult(transformedCredential, new SimplePrincipal(username), null);
        }  
        throw new FailedLoginException();
    }  
}  